DevOps Engineer at a tech services company with 51-200 employees
Real User
2022-07-22T17:40:59Z
Jul 22, 2022
Basically, what Bridgecrew does is scan our policy configurations inside of our public cloud provider. We were scanning for security misconfigurations and vulnerabilities in our packages to ensure that we had locked down everything as needed in terms of IM permissions and VPC access and things like that.
A lot of the companies that we work with specifically have already had a foundation with Palo Alto, whether they've bought the on-premises solutions or are looking at the cloud side. However, Palo Alto is one of those names that hold a lot of weight in the industry, and they can't really put out a bad product. Being a Palo Alto engineer and having that title specifically has become its own job rec that a lot of companies just are standardizing. A lot of the clients that we interact with are not doing full-fledged SOCs. Most of them have less than 50 people dedicated to their security team. They're relying on third-party consultants to kind of come in and come up with the logic behind it. That's what we typically do from my side. We come up with the logic and then we will recommend someone to actually put the logic in place. The company may hire someone. We're more on the architecture side, however, finding an engineer for a Palo Alto solution is a lot easier than finding one for Carbon Black, for example, even though it is a huge company.
Find out what your peers are saying about Palo Alto Networks, Orca Security, Amazon Web Services (AWS) and others in Cloud Workload Protection Platforms (CWPP). Updated: December 2024.
Cloud Workload Protection Platforms (CWPP) designed to protect cloud environments, addressing the security needs of workloads in public, private, and hybrid cloud settings. CWPPs are vital to ensure that your data and applications are safeguarded against threats.
Basically, what Bridgecrew does is scan our policy configurations inside of our public cloud provider. We were scanning for security misconfigurations and vulnerabilities in our packages to ensure that we had locked down everything as needed in terms of IM permissions and VPC access and things like that.
A lot of the companies that we work with specifically have already had a foundation with Palo Alto, whether they've bought the on-premises solutions or are looking at the cloud side. However, Palo Alto is one of those names that hold a lot of weight in the industry, and they can't really put out a bad product. Being a Palo Alto engineer and having that title specifically has become its own job rec that a lot of companies just are standardizing. A lot of the clients that we interact with are not doing full-fledged SOCs. Most of them have less than 50 people dedicated to their security team. They're relying on third-party consultants to kind of come in and come up with the logic behind it. That's what we typically do from my side. We come up with the logic and then we will recommend someone to actually put the logic in place. The company may hire someone. We're more on the architecture side, however, finding an engineer for a Palo Alto solution is a lot easier than finding one for Carbon Black, for example, even though it is a huge company.